Parachute HealthRemote
Application Engineer
United States of America
Full Time
3 days ago
$80,000 - $120,000 USD
No H1B
Key skills
JavaScriptTypeScriptPythonRubySQLAIAgenticAnalyticsBigQueryRedshiftReactNode.jsRuby on RailsRailsGraphQLTDDAWSGCPECSEKSEC2LambdaS3RDSIAMOktaDatadogSplunkGitHubSaaS
About this role
Parachute Health is transforming post-acute care through a digital ordering platform for medical equipment and supplies. The Application Engineer role involves building internal platforms, automations, and AI-powered workflows to ensure the healthcare technology environment is secure and efficient.
Responsibilities:
- Design, develop, and maintain internal applications and automations that eliminate manual IT/Security work, including provisioning, access reviews, compliance evidence collection, audit preparation, and ticket triage
- Develop and maintain integrations across the security and IT stack, including Okta, Zscaler, Splunk/Wazuh, Lacework, Drata, Datadog, AWS, GCP, GitHub, and n8n
- Package, deploy, and operate IT/Security tooling using Parachute's standard deployment patterns and observability stack
- Architect agentic AI workflows for IT and Security operations, including automated alert triage, log correlation, root-cause analysis, guided remediation, access-review automation, and audit evidence collection
- Build the context layer (MCP servers, retrieval pipelines, and embeddings) that grounds AI agents in Parachute-specific systems, policies, and runbooks
- Drive AI adoption across the IT/Security team through pairing, architecture reviews, and reusable skills/plugins/workflows
- Build an MCP-based agent that automates audit evidence collection from multiple sources
- Replace manual access-review workflows with an agentic pipeline
- Develop, tune, and maintain SOAR/SIEM detections, dashboards, and correlation rules in Splunk/Wazuh
- Support threat hunting, incident investigation, pen test, and/or red teaming, and forensic analysis with custom tooling and queries (Redshift, BigQuery, log platforms)
- Apply MITRE ATT&CK, NIST CSF, and HITRUST CSF to guide detection engineering and control implementation
- Contribute to SOC runbooks, SOPs, and automation playbooks (SOAR)
- Automate compliance evidence collection and control validation across SOC 2, HITRUST CSF, HITRUST AI, and HIPAA
- Participate in an on-call rotation for IT/Security incidents; contribute to post-incident reviews and continuous improvement
- Maintain stable, performant, and auditable internal application stacks
Requirements:
- 2+ years of writing production code in a web-based environment
- Professional experience with Ruby on Rails, and/or Python, and/or JavaScript/TypeScript (React, Node.js)
- Hands-on experience with AWS (IAM, EC2, ECS/EKS, S3, RDS, Lambda) and infrastructure-as-code
- Demonstrated experience integrating with REST/GraphQL APIs and building automations across SaaS platforms
- Working knowledge of at least one compliance framework - SOC 2, HITRUST, HIPAA, ISO 27001, or NIST
- Security-first mindset: you think about least privilege, secrets handling, PHI exposure, and audit trails by default
- Strong fundamentals in data structures, design patterns, and TDD
- Must reside in the U.S
- Experience building agentic AI systems in production - agent architectures, tool integration via MCP, retrieval-augmented generation, evaluation frameworks
- Experience setting up AI development environments and driving AI adoption across a technical team
- Familiarity with our stack: Okta, ZScaler, Splunk/Wazuh, Lacework, Drata, Datadog, n8n workflows and/or Argo workflows
- SIEM detection engineering or SOC tooling experience (Splunk SPL, Wazuh rules, Sigma)
- Healthcare technology background - exposure to HIPAA, PHI handling, or DME workflows
- Security or cloud certifications (CCA-F, CISSP, CCSP, AWS Security Specialty, OSCP)
- Experience as a technical lead bridging IT, Security, Engineering, and Compliance stakeholders
- Proficient in SQL (Redshift, BigQuery) for forensic and operational analytics